package org.m2acsi.utils;

import java.security.MessageDigest;
import org.m2acsi.boundary.DocumentEJB;
import org.m2acsi.boundary.TaskEJB;
import org.m2acsi.control.BaseBean;
import org.m2acsi.entities.Document;
import org.m2acsi.entities.RoleType;
import org.m2acsi.entities.Task;
import org.m2acsi.entities.User;

public class Security {

    public static String sha256(String base) {
        try {
            MessageDigest digest = MessageDigest.getInstance("SHA-256");
            byte[] hash = digest.digest(base.getBytes("UTF-8"));
            StringBuilder hexString = new StringBuilder();
            for (int i = 0; i < hash.length; i++) {
                String hex = Integer.toHexString(0xff & hash[i]);
                if (hex.length() == 1) {
                    hexString.append('0');
                }
                hexString.append(hex);
            }

            return hexString.toString();
        } catch (Exception ex) {
            throw new RuntimeException(ex);
        }
    }

    /**
     * @param stringIdTask, the parameter on the url who represent the id of the
     * task
     * @param u, the authentificated user
     * @param taskEjb type TaskEJB reprensent the EjbTask
     * @param baseBean type BaseBean represent bean
     * @return a task from database who the user is authorize to see.
     */
    public static Task taskSecurityCheck(String stringIdTask, User u, TaskEJB taskEjb, BaseBean baseBean) {
        long idTask = 0;
        try {
            idTask = Long.parseLong(stringIdTask);
        } catch (Exception e) {
            if (stringIdTask != null && stringIdTask.length() != 0) {
                baseBean.hackRedirect("try to not put a number.");
            } else {
                baseBean.hackRedirect("try without params.");
            }
        }
        Task tmpTask = taskEjb.find(idTask);
        if (tmpTask == null) {
            //unkown task id
            baseBean.hackRedirect("try to change an id.");
        } else {
            boolean canSee = false;
            for (Task t : u.getContributions()) {
                if (tmpTask.getId() == t.getId()) {
                    canSee = true;
                    break;
                }
            }
            if (!canSee && !u.getRoleName().equals(RoleType.ADMIN)) {
                //user not allowed
                baseBean.hackRedirect("try to access a task he is not supposed to see.");
            }
        }
        return tmpTask;
    }

    public static Document documentSecurityCheck(String stringIdDoc, User u, DocumentEJB documentEjb, BaseBean baseBean) {
        long idDoc = 0;
        try {
            idDoc = Long.parseLong(stringIdDoc);
        } catch (Exception e) {
            if (stringIdDoc != null && stringIdDoc.length() != 0) {
                baseBean.hackRedirect("try to not put a number.");
            } else {
                baseBean.hackRedirect("try without params.");
            }
        }
        Document tmpDoc = documentEjb.find(idDoc);
        if (tmpDoc == null) {
            //unkown task id
            baseBean.hackRedirect("try to change an id.");
        } else {
            boolean canSee = false;
            for (Task t : u.getContributions()) {
                if (tmpDoc.getId() == t.getId()) {
                    canSee = true;
                    break;
                }
            }
            if (!canSee && !u.getRoleName().equals(RoleType.ADMIN)) {
                //user not allowed
                baseBean.hackRedirect("try to access a task he is not supposed to see.");
            }
        }
        return tmpDoc;
    }
}
